a0a6093710
* remove unnessary import * use mock for child_process.spawnSync() * document useful resources * use v1.1.0 for daily scan
20 lines
404 B
YAML
20 lines
404 B
YAML
name: daily scan
|
|
|
|
on:
|
|
schedule:
|
|
- cron: '0 20 * * *'
|
|
|
|
jobs:
|
|
scan:
|
|
name: npm audit
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v1
|
|
- name: install dependencies
|
|
run: npm ci
|
|
- uses: oke-py/npm-audit-action@v1.1.0
|
|
with:
|
|
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
issue_assignees: oke-py
|
|
issue_labels: vulnerability
|